Why is a refresh_token not provided by OAuth2 servers responding to a “client_credentials” grant?

Frontend | unresolved | 3 answers | 1129 views
醉话见心, 2020-12-15 19:32

I'm reading the OAuth2 spec:

https://tools.ietf.org/html/rfc6749#section-4.4.2

Specifically, the section on the client_credentials grant type.

3 answers
  •  暗喜 (OP)
     2020-12-15 20:02

    When using the client credentials grant, the client application authenticates to the authorization server using its client id and client secret. It gets back an access token for the resource if authorized. There's no user interaction in this scenario, so there's no need to issue a refresh token.

    When the access token expires, the client can use its own credentials to request a new token. Refresh tokens are used when the client wants to access a resource on behalf of the user (who may not be interacting with the client at that time).

    In this case, the client is acting on its own behalf.
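The flow the answer describes, as an added example that is not part of the original thread and not from any real server implementation: a constructed in-memory token endpoint that handles the client_credentials grant the way RFC 6749 section 4.4.3 specifies (an access token and `expires_in`, no `refresh_token`), and a client that caches the token and simply re-authenticates with its own client id and secret once the token is near expiry. The client id, secret, TTL and the injectable clock are all assumptions made for the demo.

```python
"""Added example (not from the question or answer above): a minimal in-memory
OAuth2 token endpoint plus a client_credentials client.  It shows why no
refresh token is needed for this grant: the client already holds its own
credentials, so on expiry it just requests a new access token.  All names,
secrets and the fake clock are constructed for this demo."""

import hmac
import secrets
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Tuple

# --- constructed authorization-server state ---------------------------------
# Registered confidential clients (constructed sample data, not real secrets).
REGISTERED_CLIENTS = {"reporting-service": "s3cr3t-example-secret"}
ACCESS_TOKEN_TTL = 3600  # seconds, returned to the client as "expires_in"


def token_endpoint(form: Dict[str, str], now: float) -> Tuple[int, dict]:
    """Handle a POST to the token endpoint for grant_type=client_credentials.

    Returns (http_status, json_body).  The success body deliberately carries
    no "refresh_token": the client can re-authenticate at any time with its
    own credentials, so a refresh token would add nothing but another secret
    to protect.
    """
    if form.get("grant_type") != "client_credentials":
        return 400, {"error": "unsupported_grant_type"}
    client_id = form.get("client_id", "")
    expected = REGISTERED_CLIENTS.get(client_id)
    # Constant-time comparison so the secret check does not leak timing info.
    if expected is None or not hmac.compare_digest(expected, form.get("client_secret", "")):
        return 401, {"error": "invalid_client"}
    return 200, {
        "access_token": secrets.token_urlsafe(32),
        "token_type": "Bearer",
        "expires_in": ACCESS_TOKEN_TTL,
    }


# --- client side --------------------------------------------------------------
@dataclass
class ClientCredentialsClient:
    """Client acting on its own behalf; no user, hence no refresh token."""

    client_id: str
    client_secret: str
    clock: Callable[[], float] = time.time  # injectable so tests can advance time
    fetches: int = field(default=0, init=False)  # how many token requests were made
    _token: Optional[str] = field(default=None, init=False)
    _expires_at: float = field(default=0.0, init=False)

    def get_access_token(self, skew: int = 30) -> str:
        """Return the cached token, or fetch a new one when it is (nearly) expired.

        'skew' renews a little early so an in-flight request does not fail
        with a token that expires mid-call.
        """
        now = self.clock()
        if self._token is None or now >= self._expires_at - skew:
            status, body = token_endpoint(
                {
                    "grant_type": "client_credentials",
                    "client_id": self.client_id,
                    "client_secret": self.client_secret,
                },
                now,
            )
            if status != 200:
                raise RuntimeError(f"token request failed: {body.get('error')}")
            # No refresh token to store: re-authentication is the refresh.
            self._token = body["access_token"]
            self._expires_at = now + body["expires_in"]
            self.fetches += 1
        return self._token


if __name__ == "__main__":
    fake_now = [1000.0]
    client = ClientCredentialsClient(
        "reporting-service", "s3cr3t-example-secret", clock=lambda: fake_now[0]
    )
    first = client.get_access_token()
    fake_now[0] += ACCESS_TOKEN_TTL  # token has expired
    second = client.get_access_token()
    print("tokens differ:", first != second, "| requests made:", client.fetches)
```

The client holds only its own credentials plus a short-lived bearer token, which keeps the number of long-lived secrets at one; a refresh token for this grant would be a second long-lived secret that unlocks exactly the same access the client secret already does.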
